CVE-2013-3527

Published May 10th, 2013

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

Multiple SQL injection vulnerabilities in Vanilla Forums before 2.0.18.8 allow remote attackers to execute arbitrary SQL commands via the parameter name in the Form/Email array to (1) entry/signin or (2) entry/passwordrequest.

vanilla/vanilla

Vanilla is a powerfully simple discussion forum you can easily customize to make as unique as your community.

GitHub

2.98K